Conduct network infrastructure, Public Cloud (AWS and GCP), and data-layer offensive pen-testing
- Perform manual source code reviews and audits (manual and SCA/SAST code audits) as needed
- Basic Qualifications
- A pen-test certification such as Offensive Security Certified Professional (OSCP) or CEH, OSWE, OSCE, GPEN, GMOB, GWAPT, GXPN, eWAPT, eMAPT and/or willing to work towards ultimately obtaining one as part of your career path
- 3+ years of relevant engineering or security assessment experience
- Possess a broad knowledge of attack vectors, exploits and mitigations that work at scale or may be linked together for chained attacks
- Experience with assessing with Cloud-native services, service meshes, and Kubernetes-platform based microservices
- Be able to think both offensively (like a hacker) and defensively (evaluating product security and design)
- Ability to create written work product, detailed technical findings documents, and pen-test reports
- ...